[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: (open) sshd timeout



Just tested it and it works like a charm.  I used the global
/etc/profile to effect the condition.  If I recall correctly anything
in ~/.bash_profile will override settings in the global /etc/profile. 
So you could have a global timeout, and then different timeouts for
certain users.  Of course a user could edit their own .bash_profile
and override the timeout from the global profile.  So not as secure I
suppose in that sense as something in OpenSSH that an unpriviledged
end user could not change.

Out of curiosity I checked the /var/log/secure file to see if the
timeout resulted in an entry however no evidence found of same.  In
/var/log/messages you do see the closed session recorded exactly x
seconds (whatever you set x as) after going idle (I simply logged in
and left it idle, so closed session was exactly 3 minutes after
opening the session - as per 180 second TMOUT I specified in
/etc/profile).  However the entry is no different than if a person did
a normal exit vs a timeout.  Would have been nice to have the entry
reflect that it was a timeout (good to know if a user is always
forgetting to logout, and good to know if doing log analysis on a
system pursuant to investigating an incident on the network).

Jacques B.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]